Online banks use cryptographic protocols to secure the exchange of information on the Web, and hackers do not hesitate to adapt to this technology too. A new case of fake SSL (Secure Sockets Layer) certificates appeared again, following phishing threats we’ve seen last April and May (see our blog posts about fake digital certificates, rock…

A new hacking tool circulating on the Internet allows malicious users to create fake YouTube pages designed to deliver malware. The said tool, detected by Trend Micro as HKTL_FAKEYOUT, features a Spanish-language user-friendly console that a hacker could use to create a pair of Web pages that look eerily identical to legitimate YouTube pages. Figure…

While not as massive as earlier Web attacks that have used similar social engineering techniques, a new spamming operation has malware criminals using the logo of Trend Micro to lure unsuspecting Web users to “Trojanize” themselves. Here’s a screenshot of a bogus email message that potential victims in Brazil have been receiving in the past…

Notable Malware WORM_KOOBFACE.E, WORM_KOOBFACE.D These worms used the famous social networking site Facebook in their propagation routines. While executing on an affected user’s system, these worms search for cookies related to Facebook. Once a match is found, the worms access the user’s Facebook profile using the credentials contained in the cookie files. The worms then…

Striking email subjects get the job done. Well, given another spamming operation that uses popular personalities and events, that seems to be the case. Using a variety of subject-body combinations (a lot of which are totally unrelated to each other!), these spammed messages again appeal to the curious mind, offering a link in the email…

Security Predictions for 2020

Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.Read our security predictions for 2020.

Business Process Compromise

Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more,
read our Security 101: Business Process Compromise.